Security Researcher Found Flaw Exposing All FIFA World Cup 2026 Live Camera Streams

A security researcher discovered that anyone could register on FIFA's public Agent Platform using just a personal ID and gain unauthorized access to its Football Data Platform's Streaming Management panel. This access exposed RTMP ingest URLs and stream keys for every live camera feed planned for the 2026 FIFA World Cup. The vulnerability meant a bad actor could potentially hijack or disrupt all official World Cup broadcasts. After discovering the flaw, the researcher spent hours attempting to report it by contacting FIFA, broadcast partners MediaKind and HBS, as well as U.S. authorities including CISA and the FBI. The incident highlights serious gaps in credential and access controls for major sporting event infrastructure.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in